Reorder inclusion of header files:

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 72821a1fce6a138067eaed4e48b8a020cb33dfd4..ab172aeaeccbf9f1fb574a992e4644434bef1de1 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -116,11 +116,11 @@
 #  include <assert.h>
 #endif
 #include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
 #include <openssl/objects.h>
 #include <openssl/lhash.h>
 #include <openssl/x509v3.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
 
 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
 
@@ -136,7 +136,6 @@ OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
 
 int SSL_clear(SSL *s)
        {
-       int state;
 
        if (s->method == NULL)
                {
@@ -144,6 +143,12 @@ int SSL_clear(SSL *s)
                return(0);
                }
 
+       if (ssl_clear_bad_session(s))
+               {
+               SSL_SESSION_free(s->session);
+               s->session=NULL;
+               }
+
        s->error=0;
        s->hit=0;
        s->shutdown=0;
@@ -161,7 +166,6 @@ int SSL_clear(SSL *s)
                }
 #endif
 
-       state=s->state; /* Keep to check if we throw away the session-id */
        s->type=0;
 
        s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
@@ -182,12 +186,6 @@ int SSL_clear(SSL *s)
 
        ssl_clear_cipher_ctx(s);
 
-       if (ssl_clear_bad_session(s))
-               {
-               SSL_SESSION_free(s->session);
-               s->session=NULL;
-               }
-
        s->first_packet=0;
 
 #if 1
@@ -891,7 +889,10 @@ int SSL_shutdown(SSL *s)
 
 int SSL_renegotiate(SSL *s)
        {
-       s->new_session=1;
+       if (s->new_session == 0)
+               {
+               s->new_session=1;
+               }
        return(s->method->ssl_renegotiate(s));
        }
 
@@ -1313,7 +1314,7 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
        ret->key_arg=NULL;
        ret->s2->conn_id=NULL; */
 
-       ret->info_callback=0;
+       ret->info_callback=NULL;
 
        ret->app_verify_callback=0;
        ret->app_verify_arg=NULL;
@@ -1442,15 +1443,10 @@ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u)
        ctx->default_passwd_callback_userdata=u;
        }
 
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,void *), void *arg)
        {
-       /* now
-        *     int (*cb)(X509_STORE_CTX *),
-        * but should be
-        *     int (*cb)(X509_STORE_CTX *, void *arg)
-        */
        ctx->app_verify_callback=cb;
-       ctx->app_verify_arg=arg; /* never used */
+       ctx->app_verify_arg=arg;
        }
 
 void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *))
@@ -1643,9 +1639,10 @@ void ssl_update_cache(SSL *s,int mode)
         * and it would be rather hard to do anyway :-) */
        if (s->session->session_id_length == 0) return;
 
-       if ((s->ctx->session_cache_mode & mode)
-               && (!s->hit)
-               && SSL_CTX_add_session(s->ctx,s->session)
+       i=s->ctx->session_cache_mode;
+       if ((i & mode) && (!s->hit)
+               && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
+                   || SSL_CTX_add_session(s->ctx,s->session))
                && (s->ctx->new_session_cb != NULL))
                {
                CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
@@ -1654,7 +1651,6 @@ void ssl_update_cache(SSL *s,int mode)
                }
 
        /* auto flush every 255 connections */
-       i=s->ctx->session_cache_mode;
        if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
                ((i & mode) == mode))
                {
@@ -2136,14 +2132,15 @@ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
        }
 #endif
 
-void SSL_set_info_callback(SSL *ssl,void (*cb)())
+void SSL_set_info_callback(SSL *ssl,
+                          void (*cb)(const SSL *ssl,int type,int val))
        {
        ssl->info_callback=cb;
        }
 
-void (*SSL_get_info_callback(SSL *ssl))(void)
+void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
        {
-       return((void (*)())ssl->info_callback);
+       return ssl->info_callback;
        }
 
 int SSL_state(SSL *ssl)